WebGL: An insecure standard, seriously, don’t use this right now (WebGL: 不安全的标准,严重的是,不要使用此现在)
When building games you need to be aware of causing your end users to be put in a condition of risk.
Microsoft goal is to be a standards based design shop, but some standards are not secure, so what to do? I don’t know, but I am not paid to make those kinds of decisions. Today, while researching for my blog (yes I actually do research), I thought that the WebGL was pretty cool. Chrome supports it, and IE 9 doesn’t, which makes for an awesome article tension. Yeah, I am a fanboy, no doubt, but let’s face it, would I have as much fun picking on Apple Safari? No I wouldn’t. However, in other blogs I do enjoy picking on the insecurity of the OS X.
Turns out that WebGL is insecure, and especially in Chrome, see (this has 6 vulnerabilities as of 5/19/2011)
https://web.nvd.nist.gov/view/vuln/search-results?query=WebGL&search_type=all&cves=on
Here is how the attack works, see: https://www.contextis.com/resources/blog/webgl/ for more information.
Of course, the web browser that they are talking about here is Chrome.